iRule to Allow acess to /wp-admin

Question

Hello guys, I have a site protected by ASM that works on WordPress, it was requested that an exception to be created for the path /wp-admin, because they are receiving several blocks on access to the path, I tried to add the path in the section of URL'S allowed but it did not work, I keep receiving the logs and the blocks keep occurring for the path /wp-admin, is there a way or an iRule to perform a bypass in the path /wp-admin so that it is not blocked access?

Best Regards.

spalande · Answer

What's your current setup? How do you block /wp-admin currently via an iRule or ASM policy? &nbsp;

victor_soares · Answer

Hello SanjayP! about hardware we are using 2 i2800 (Active - Passive), about the URL we're only using ASM protection on BIG-IP, don't using any other feature like load balancing or something like that. Currently using default ASM policy, without any iRule, i've tryied to input the path on allowe URL'S but without success.

spalande · Answer

If you are using ONLY "ASM" to disallow URL and you want to allow specific URL then Navigate to Security -&gt; URL's --&gt; disallowed URL's and remove /wp-admin. &nbsp;If in the allowed URL list (security -&gt; URL -&gt; Allowed URLs) if wildcard (*) is removed, then add the /wp-admin (for explicit) or /wp-admin* for the wildcard.&nbsp;&nbsp;if you are still receiving ASM blocks, please provid the log snippet for the reason of the ASM block and URL getting blocked.

victor_soares · Answer

Hello SanjayP, currently i'm using the allowed urls method, like the image :At the moment, i had to switch the application to learning mode, but i have an alert after this allowed URL applied and the blocked alert :&nbsp;Keyword match : 1st Path :2st Path at the same signature : &nbsp;Both was blocked with the Allowed URL'S configured like the 1st image.&nbsp;Thank You.&nbsp;

victor_soares · Answer

Both of the alerts are matching at the &nbsp;&nbsp;img tag: src/dynsrc/lowsrc (Parameter) signature in /wp-admin/* path

Forum Discussion

iRule to Allow acess to /wp-admin

8 Replies

Recent Discussions

Errors with AS3 3.56.0 with F5 17.5.1.6

F5 ASM/AWAF – violations logged but no learning suggestions generated

F5 VELOS Backplane Inter-Tenants Communication

migrate from serie I to R. Cluster LTM-GTM

Best Practice guide for enabling Attack signature In BIG-IP ASM

Related Content

AppWorld Berlin iRules Contest!

F5 AppWorld 2026 Las Vegas - iRules Contest Winners!

iRules Contest Entry Example

Generic iRule based on datagroup parsing

JSON-query'ish meta language for iRules

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS